CN113660668A - Seamless credible cross-domain routing system of heterogeneous converged network and control method thereof - Google Patents
Seamless credible cross-domain routing system of heterogeneous converged network and control method thereof Download PDFInfo
- Publication number
- CN113660668A CN113660668A CN202110530588.1A CN202110530588A CN113660668A CN 113660668 A CN113660668 A CN 113660668A CN 202110530588 A CN202110530588 A CN 202110530588A CN 113660668 A CN113660668 A CN 113660668A
- Authority
- CN
- China
- Prior art keywords
- network
- routing
- node
- information
- domain
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 121
- 230000008569 process Effects 0.000 claims abstract description 84
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 79
- 230000007246 mechanism Effects 0.000 claims abstract description 50
- 238000004364 calculation method Methods 0.000 claims abstract description 42
- 230000006399 behavior Effects 0.000 claims abstract description 26
- 230000005284 excitation Effects 0.000 claims abstract description 6
- 230000004936 stimulating effect Effects 0.000 claims abstract description 4
- 230000009471 action Effects 0.000 claims description 79
- 230000006870 function Effects 0.000 claims description 39
- 230000005540 biological transmission Effects 0.000 claims description 29
- 230000000875 corresponding effect Effects 0.000 claims description 29
- 230000002787 reinforcement Effects 0.000 claims description 28
- 239000003795 chemical substances by application Substances 0.000 claims description 18
- 238000011156 evaluation Methods 0.000 claims description 16
- 230000004044 response Effects 0.000 claims description 15
- 238000012549 training Methods 0.000 claims description 14
- 238000003860 storage Methods 0.000 claims description 11
- 238000001514 detection method Methods 0.000 claims description 10
- 238000013475 authorization Methods 0.000 claims description 9
- 230000001276 controlling effect Effects 0.000 claims description 9
- 230000003993 interaction Effects 0.000 claims description 8
- 238000012795 verification Methods 0.000 claims description 7
- 230000000694 effects Effects 0.000 claims description 5
- 238000011478 gradient descent method Methods 0.000 claims description 4
- 235000008694 Humulus lupulus Nutrition 0.000 claims description 3
- 238000009826 distribution Methods 0.000 claims description 3
- 238000012544 monitoring process Methods 0.000 claims description 3
- 238000001303 quality assessment method Methods 0.000 claims description 3
- 238000012546 transfer Methods 0.000 claims description 3
- 238000010801 machine learning Methods 0.000 abstract description 6
- 238000005516 engineering process Methods 0.000 description 12
- 238000004891 communication Methods 0.000 description 9
- 238000013461 design Methods 0.000 description 9
- 230000004927 fusion Effects 0.000 description 9
- 238000007726 management method Methods 0.000 description 6
- 230000008901 benefit Effects 0.000 description 5
- 238000013135 deep learning Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 238000005304 joining Methods 0.000 description 4
- 238000011160 research Methods 0.000 description 4
- 230000008859 change Effects 0.000 description 3
- 238000011217 control strategy Methods 0.000 description 3
- 230000007547 defect Effects 0.000 description 3
- 230000001934 delay Effects 0.000 description 3
- 238000005259 measurement Methods 0.000 description 3
- 206010033799 Paralysis Diseases 0.000 description 2
- 238000010835 comparative analysis Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000010354 integration Effects 0.000 description 2
- 206010000117 Abnormal behaviour Diseases 0.000 description 1
- 230000002776 aggregation Effects 0.000 description 1
- 238000004220 aggregation Methods 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 238000013528 artificial neural network Methods 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000007613 environmental effect Effects 0.000 description 1
- 238000013210 evaluation model Methods 0.000 description 1
- 238000004880 explosion Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 208000015181 infectious disease Diseases 0.000 description 1
- 230000002458 infectious effect Effects 0.000 description 1
- 230000007774 longterm Effects 0.000 description 1
- 238000000691 measurement method Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 230000008447 perception Effects 0.000 description 1
- 239000012466 permeate Substances 0.000 description 1
- 230000008092 positive effect Effects 0.000 description 1
- 238000002360 preparation method Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000000638 stimulation Effects 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/121—Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
- H04W12/122—Counter-measures against attacks; Protection against rogue devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/66—Trust-dependent, e.g. using trust scores or trust relationships
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/02—Arrangements for optimising operational condition
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W40/00—Communication routing or communication path finding
- H04W40/24—Connectivity information management, e.g. connectivity discovery or connectivity update
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computational Linguistics (AREA)
- General Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- Biophysics (AREA)
- Life Sciences & Earth Sciences (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- Artificial Intelligence (AREA)
- Molecular Biology (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention belongs to the technical field of cross-domain routing, and discloses a seamless credible cross-domain routing system of a heterogeneous converged network and a control method thereof, wherein the control method of the seamless credible cross-domain routing system of the heterogeneous converged network comprises the following steps: evaluating the trust value of the network node and stimulating the honest behavior of the network node through a trust calculation method and an incentive mechanism; issuing an intelligent contract for cross-domain routing and determining a network state updating process; and designing an AR-DRL algorithm which is based on the block chain and the DDPG algorithm to obtain an optimal routing strategy and realize seamless cross-domain routing. The invention realizes automatic cross-domain routing through intelligent contracts and machine learning algorithms; the credibility of the routing node is improved through an excitation mechanism and a consensus mechanism; according to the network state information provided by the operator in the registration process, the authenticity of the network state information in the routing process is remotely evaluated, the counterfeiting and the collusion attacks of the network operator can be resisted, and the authenticity and the reliability of the routing information are ensured.
Description
Technical Field
The invention belongs to the technical field of cross-domain routing, and particularly relates to a seamless credible cross-domain routing system of a heterogeneous converged network and a control method thereof.
Background
Currently, mobile communication continues to rapidly develop in an unblocked trend. With the rapid change of a mobile network system, 5G can permeate into the fields of Internet of things and the like, and is deeply and isomerously fused with the fields of industrial facilities, medical services, transportation and the like, so that the interconnection of everything is comprehensively realized, and the information service requirements of vertical industries such as industry, medical treatment, transportation and the like are effectively met. No doubt, future communication systems will be further developed based on the existing 5G, and the latter 5G and even the future 6G will become the most promising direction for communication technology development. 6G is likely to be a one-day-to-one heterogeneous convergence network. Compared with the traditional single network, the Integrated converged heterogeneous network (Integrated converged hetnets) is formed by fusing multiple heterogeneous networks. Because different networks have different architectures and characteristics, the integrated heterogeneous convergence network has the characteristics of network heterogeneity, topological structure time-varying property, self-organization, communication link openness, high time-varying property, large-scale property and the like, and the characteristics enable the heterogeneous convergence network to face security threats of multiple aspects and different levels.
Route security is one of the core problems of network security, and determines the quality and performance of network data transmission. Compared with the traditional ground network, the open and heterogeneous characteristics of the integrated heterogeneous fusion network make the routing more vulnerable to attacks such as routing control information stealing, tampering, counterfeiting, replaying, service denial and the like, so that the network performance is seriously reduced and even the whole network is paralyzed. In addition, the time-varying property of the integrated heterogeneous convergence network easily causes rapid change of routing information, and the high dynamic property easily reduces the efficiency of the system, so that the network is difficult to ensure high-efficiency resource utilization rate and QoS requirements. Therefore, how to implement secure and trusted routing in the integrated heterogeneous converged network is the key for the network to be put into practical use.
In particular, due to the characteristics of the integrated heterogeneous converged network (such as heterogeneity, topological time-varying property, self-organization, openness of communication links, high latency and large-scale), it is difficult to establish a single central entity to manage the routing of the entire network. Meanwhile, in the heterogeneous converged network, the identity authentication centers of different networks need to exchange a large amount of information frequently, which makes information management very complicated and makes it difficult to ensure consistency and credibility. In addition, since the authentication centers of different networks cannot completely trust each other, it is difficult to achieve non-repudiation. In summary, the openness and heterogeneity of a unified heterogeneous converged network makes routes more vulnerable than traditional single networks. Therefore, a general trusted platform is established in the unified heterogeneous converged network, and the realization of trusted routing still faces huge challenges.
In order to ensure the trustworthiness of the route, some studies have been proposed. However, most of the existing works are only applicable to a single network or only provide a routing scheme which is feasible in a specific scenario, and the research is difficult to be applied to an integrated heterogeneous converged network scenario, so that the safety and the autonomy of the routing cannot be ensured.
Due to the specific characteristics of the heterogeneous converged network, it is difficult to establish a single central entity to uniformly manage the entire network, that is, it is difficult to obtain sufficient security using a centralized architecture, and therefore, cross-domain routing of the heterogeneous converged network requires cooperation between related network operators. The block chain is used as a distributed trusted platform, has the advantages of decentralization, high fault tolerance, information consistency, traceability and the like, and can provide a good solution for cross-domain routing in a heterogeneous convergence network.
(1) Traditional single autonomous domain routing
Currently, there are many routing schemes for a single autonomous domain. Most of them focus on routing problems for a certain specific network, such as mobile ad hoc network routing, terrestrial network routing, IP-based satellite network routing, space network routing, satellite routing, and Delay Tolerant Network (DTN) -based routing. Among them, the DTN protocol is widely used in space and terrestrial network environments. However, although routing protocols have been extensively studied, most routes are mainly applicable to terrestrial network scenarios, such as infectious routes, probabilistic routes, social attribute routes, and routes applicable to vehicular networks.
Subsequently, in order to improve the routing performance of data transmission, forwarding and other processes in the single autonomous network, marching et al designed a lightweight routing protocol based on trust for the mobile ad hoc network, which uses trust metrics to detect nodes with abnormal behaviors. This work only considers the packet forwarding behavior of the neighbors when evaluating their trust levels. In a sense, this work is lightweight, and Intrusion Detection Systems (IDS) for estimating the trust of one node to another consume limited computational resources. Zhang et al propose a quality of service (QoS) routing policy based on a Storage Time Aggregation Graph (STAG) that supports multiple tasks on a satellite network. For the QoS issues of multiple tasks in the satellite network, a routing strategy for QoS support is designed to maximize multipath traffic with acceptable delivery delay. In particular, authors build an on-demand task model using STAG to describe the dynamics of the network and different task requirements, and then reduce the QoS support problem to a graph-based maximum traffic problem. In order to solve the problem of the maximum traffic based on graphics, the authors also propose a multiple-stream routing scheme based on STAG, which guarantees QoS of tasks and matches rare network resources with low computational complexity. Lu et al propose a topology control strategy in a two-tier satellite network to ensure consistency of the routing topology. On the basis, a robust routing protocol is proposed by combining a centralized routing strategy and a distributed routing strategy. The protocol improves routing security and reduces routing delay. Pan et al comprehensively considers conditions such as network load characteristics, node utilization rate, trust values and hop counts, and provides a trust evaluation model by introducing a sliding window mechanism. On the basis of the model, an on-demand secure routing protocol suitable for the satellite network is designed to effectively prevent a large number of internal attacks and improve the security of the routing process.
(2) Multi-domain and cross-domain routing
The integrated heterogeneous convergence network consists of various networks covering the air, space, ground and ocean networks. The convergence of multiple heterogeneous networks makes traditional single autonomous domain routing protocols infeasible in an integrated heterogeneous convergence network. Currently, researchers have conducted relevant research into the multi-domain cross-domain routing problem. Some of these studies are based on Software Defined Networking (SDN) to enable privacy protection in cross-domain routing processes. Chen et al propose a privacy protection method in cross-domain routing optimization (PYCRO). In the method, the PYCRO can calculate the shortest path across domains which accords with the strategy, and distributes bandwidth for the stream while protecting the private information of the domains. Subsequently, Chen et al proposed a cross-domain privacy preserving routing scheme based on SDN in order to improve time efficiency. The scheme designs a fast path (QIP) technology to avoid the problem of low efficiency of using secure multi-party computing (SMPC) in cross-domain routing. Zhang et al propose a cross-domain source routing scheme for multi-domain networks based on the ideas of source routing and pre-routing. The cross-domain flow provisioning requests are only generated in the source domain and the target domain and each controller only needs to bear the load associated with local traffic. Experimental results show that the scheme can reduce the burden of the controller. However, although this scheme implements routing between multiple domains, it is still applied to cross-domain routing of the integrated heterogeneous convergence network due to the characteristics of the integrated heterogeneous convergence network. Saadi et al propose a heterogeneous metropolitan area network architecture by combining IEEE 802.11 Wireless Mesh Networks (WMNs) and Long Term Evolution (LTE) networks. Based on this, they propose a new heterogeneous routing protocol and a reinforcement learning based routing algorithm that can select the appropriate transmission technology according to the parameters in each network. However, this approach cannot support autonomous routing in an integrated heterogeneous converged network. In summary, none of the above related researches can provide a safe and reliable solution to the routing problem across different network domains in an integrated heterogeneous convergence network.
In order to ensure safe and reliable cross-domain routing, researchers have designed some cross-domain routing schemes based on blockchain techniques. Yang et al propose a routing scheme based on blockchain techniques and reinforcement learning algorithms in wireless sensor networks. The scheme ensures the traceability and the non-tamper property of information in the wireless sensor network by applying the block chain technology. A reinforcement learning algorithm is used to improve the routing efficiency to obtain reliable and efficient routing links. However, this solution is obviously not directly applicable to cross-domain routing of an integrated heterogeneous convergence network for the following four reasons: 1) the reinforcement learning algorithm used in the scheme can not process a complex state space and an integrated heterogeneous fusion network with a high-dimensional data space; 2) the scheme aims at a wireless sensor network scene and cannot be well applied to an integrated heterogeneous convergence network; 3) the scheme does not consider the reliability of transaction information, so that the routing information is easy to suffer from black hole attack; 4) the scheme uses a block chain to ensure that transaction information is not tampered, but reliability and trust evaluation of routing nodes are not considered, and credibility of nodes participating in routing cannot be ensured; 5) this scheme does not take into account the true validity of the topology information. Arbor et al propose a reliable routing scheme based on SDN and cloud based on blockchain technology. The scheme utilizes the characteristics of the block chain to establish the trust relationship between the distributed controllers. Based on the trust relationship, a cloud-based trusted cross-domain routing mechanism is designed in the SDN. The scheme does not use a reinforcement learning algorithm, but has similar problems with the scheme in the prior art, and is obviously not suitable for the integrated heterogeneous convergence network. Therefore, due to the specific characteristics of the integrated heterogeneous convergence network, the scheme cannot effectively ensure the safety and the trust degree of the routing, and cannot realize automatic routing. Therefore, the existing scheme is not suitable for cross-domain routing of the integrated converged network. In short, there is still a lack of an automatic routing scheme that can implement seamless and reliable routing across multiple network domains in a heterogeneous converged network.
Due to the specific characteristics of the integrated heterogeneous convergence network, it is difficult to establish a unified central entity to manage the entire network, that is, it is difficult to obtain sufficient security using a centralized architecture, and therefore, related network operators are required to cooperate to implement cross-domain routing of the integrated heterogeneous convergence network. Because network nodes may lie and information may be exposed to the risk of theft, tampering, forgery, or replay during transmission. Therefore, the integrated heterogeneous convergence network faces a serious routing security problem.
In current research, there are still some unresolved issues in network routing: 1) due to topology changes and link delays, existing routing protocols for the Internet and ad hoc networks cannot meet the routing requirements of an integrated heterogeneous converged network. 2) Existing routing schemes are primarily suited for specific network scenarios and cannot be applied to different types of networks in a generic way. 3) Existing solutions rely heavily on certain trusted nodes in the routing process. Due to the single-point vulnerability of the 'trusted' node, a single-point fault is easily caused. 4) Most of the existing work cannot be directly applied to the integrated heterogeneous convergence network. 5) Most existing routing schemes do not consider the authenticity and credibility of topology information provided by different networks, and are vulnerable to various routing attacks.
Therefore, there is a need to solve the following problems:
problem 1: the credibility problem of the cross-domain routing of the heterogeneous converged network is solved. Due to the characteristics of the integrated heterogeneous convergence network (such as heterogeneity, topological time-varying property, self-organization, openness of communication links, high latency and large-scale), it is difficult to establish a single central entity to manage the routing of the entire network. Meanwhile, in the heterogeneous converged network, the identity authentication centers of different networks need to exchange a large amount of information frequently, which makes information management very complicated and makes it difficult to ensure consistency and credibility. In addition, since the authentication centers of different networks cannot completely trust each other, it is difficult to achieve non-repudiation. The openness and heterogeneity of a unified heterogeneous converged network makes routes more vulnerable than traditional single networks. Therefore, a common trusted platform needs to be established in the integrated heterogeneous converged network.
Problem 2: on the basis of the problem 1, the automatic cross-domain routing problem of the heterogeneous convergence network is solved: the existing routing scheme is mainly applicable to specific network scenes and cannot be applied to different types of networks in a general way, so that the existing routing scheme cannot be directly applied to an integrated heterogeneous convergence network. Moreover, due to topology dynamics and link delays, existing routing protocols for the Internet and ad hoc networks cannot meet the routing requirements of the integrated heterogeneous converged network.
Problem 3: on the basis of the problem 1, the problems of authenticity and routing reliability of routing topology information are solved: for the open and heterogeneous characteristics of the integrated heterogeneous convergence network, the routing process is more vulnerable to attacks such as routing information stealing, tampering, counterfeiting, replaying, service denial and the like, and the network performance is easily seriously reduced even the whole network is paralyzed. Moreover, in the cross-domain routing, in order to attract traffic or conspire themselves, the operator may provide false routing information in the cross-domain routing, which causes routing errors or failures, and thus, the authenticity of the topology information and the reliability of the routing cannot be effectively ensured.
Through the above analysis, the problems and defects of the prior art are as follows:
(1) due to topology changes and link delays, existing routing protocols for the Internet and ad hoc networks cannot meet the routing requirements of an integrated heterogeneous converged network.
(2) Existing routing schemes are mainly applicable to specific network scenarios and cannot be applied to different types of networks in a general manner.
(3) In the routing process, the existing scheme excessively depends on certain credible nodes, single-point faults are easily caused due to the single-point vulnerability of the credible nodes, and most of the existing work cannot be directly applied to the integrated heterogeneous convergence network.
(4) Most existing routing schemes do not consider the authenticity and credibility of topology information provided by different networks, and are vulnerable to various routing attacks.
The difficulty in solving the above problems and defects is:
1. the integrated converged network scene has heterogeneity, topological time-varying property, self-organization, openness of communication links, high delay and large scale, and it is difficult to design an effective and practical routing scheme or algorithm meeting the conditions.
2. The topology information of the network is dynamically changed, and an operator may provide false routing information during cross-domain routing, so that the authenticity of the topology information and the reliability of the routing are ensured with certain difficulty.
The significance of solving the problems and the defects is as follows:
1. a general trusted platform can be established for the integrated heterogeneous converged network to realize trusted routing.
2. Seamless credible automatic cross-domain routing of the heterogeneous converged network can be effectively ensured.
3. The authenticity and the routing reliability of the routing topology information are ensured to a certain extent.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a seamless credible cross-domain routing system of a heterogeneous fusion network and a control method thereof, and particularly relates to a seamless credible cross-domain routing system of a heterogeneous fusion network based on a block chain and a control method thereof.
The invention is realized in such a way that a control method of a seamless credible cross-domain routing system of a heterogeneous converged network comprises the following steps: evaluating the trust value of the network node and stimulating the honest behavior of the network node through a trust calculation method and an incentive mechanism; issuing an intelligent contract for cross-domain routing and determining a network state updating process; and designing an AR-DRL algorithm which is based on the block chain and the DDPG algorithm to obtain an optimal routing strategy and realize seamless cross-domain routing.
Further, the control method of the seamless trusted cross-domain routing system of the heterogeneous converged network comprises the following steps:
step one, determining a trust calculation and excitation mechanism; evaluating the trust value of the network node and stimulating the honest behavior of the network node through a trust calculation method and an incentive mechanism;
step two, issuing an intelligent contract; automatic cross-domain routing is realized through intelligent contracts and machine learning algorithms;
step three, updating the network state; because the network information is constantly changing, the scalability can be better realized by updating the network state;
step four, constructing a cross-domain intelligent route; the optimal routing strategy is calculated through an automatic routing algorithm based on deep reinforcement learning (AR-DRL), and the algorithm is based on a block chain and a DDPG algorithm to obtain the optimal routing strategy, so that seamless cross-domain routing is realized.
And step five, counting the cost. As no one would like to participate in the resource consuming work for a gratuitous reason. After agreement on the routing path, the relevant operator will perform synchronization and accounting based on the amount of network resources used in the cross-domain routing process, thereby facilitating more nodes to join the cross-domain route.
Further, in step one, the trust calculation and incentive mechanism includes:
(1) each node in the network registers to a certificate center, obtains a random unique ID and generates a unique address Add for the node; each network authorizes the node with the highest internal trust degree as an authorized miner of the block chain according to the trust values of different nodes, and stores the trust values of all the nodes in the block chain; a threshold lambda is introduced to determine the trust level of any node in the network, and if Tr (i, j) is more than or equal to lambda, the node is trusted; otherwise, the node is malicious; nodes that are assessed as trustworthy are considered cooperative nodes and are eligible for tokens available for consumption as rewards; adding the malicious nodes into a grey list to be punished, and setting punishment on the nodes to be far greater than reward; wherein, the incentive mechanism calculation process based on the trust value is as follows:
wherein, g1Is a reward factor, g2Is a penalty factor, g2>>g1。
(2) Determination of dynamic trust evaluation mechanism:
1) direct trust
The direct trust refers to the direct evaluation of the trust value of the node j by the node i at the current moment, and the evaluation result is stored in the local database of the node. In the routing process, a data packet sent by a source node is transmitted to a neighbor node j through a node i, and the node i monitors the forwarding condition of the node j when sending the data packetAlternatively, a direct trust value Tr from node i to node j is calculated based on the monitoring resultD(i, j) and storing the trust value calculation result in a node local database; wherein the calculation of the direct trust value may be represented as:
wherein, TrD k-1(i, j) represents the direct trust value of the node i to the node j according to the historical behavior of the node j, that is, the node i can query the trust value database of the node j to find the historical trust data of the node j; srD(i,j)=λ1Pj+λ2NjRepresenting the credibility evaluation of the node j by the node i by using an intrusion detection system; pjAnd NjRespectively representing the positive and negative evaluation of the intrusion detection system on the current behavior of the user j, lambda1,λ2Set according to the condition of the intrusion detection system, and lambda1+λ2Is greater than 0; zr (i, j) represents the number of successful forwarding in the data packet received by node j from node i; fr (i, j) represents the number of drops in the data packet received by node j from node i; the parameter alpha represents a decay time factor representing the degree of decay of the historical trust value over time and 0 < alpha < 1.
2) Recommending trust
The node i initiates a calculation process of the recommended trust value to the neighbor node, and further evaluates the node j; the specific calculation process of the recommended trust value is as follows:
the node i broadcasts and sends any value inquiry information to the neighbor nodes and initiates a calculation process of the recommended trust value; after receiving the query information, the neighbor node of the node i queries the local database record, if the database has a trust value related to the node j, a response message is sent, and the direct trust value calculation result of the node j is sent to the node i; if the trust value database of n (n is more than 2) nodes in the neighbor nodes of the node i has a direct trust value calculation result of the node j, for each recommender e, calculating a corresponding weight factor xie:
Wherein, TrD(i, e) represents the direct trust value calculation result of the node i to the node e, the higher the value of the direct trust value calculation result, the higher the credibility of the node e, and the corresponding weighting factor xieThe larger the recommendation trust value is, the larger the proportion of the recommendation opinion of the node e in the final recommendation trust value is, so the recommendation trust value of the node can be calculated as follows:
3) integrated trust value
Calculating the comprehensive trust value of the node according to the direct trust value and the recommended trust value of the node as follows:
4) dynamic trust value
Computing the dynamic trust value Tr (i, j) of the node:
Tr(i,j)=αθ1TrC old(i,j)+θ2Trcnew(i,j);
wherein, TrC old(i,j),TrC new(i, j) respectively representing a historical integrated trust value and a current integrated trust value of the node; beta theta1,θ2Is a weighting factor, and because the current integrated confidence value has a better reference value than the historical integrated confidence value, theta1,θ2Satisfies the relation 0 < theta1<θ2<1,θ1+θ 21 is ═ 1; alpha is a decay factor representing the degree of decay of the historical confidence value over time and 0 < alpha < 1.
Further, in step two, the issuing of the intelligent contract includes:
facilitating automatic routing of a heterogeneous converged network using intelligent contracts: when an intelligent contract is created, firstly generating an address for the contract, then each operator negotiates and sends tokens with the same quantity to the address to generate the intelligent contract; when all operators reach consensus based on the POA consensus mechanism, the intelligent contract is issued; in the routing process, all routing requests are sent to the intelligent contract; once a routing request is issued, the intelligent contract will automatically perform the routing process.
Intelligent contract-based automatic routing includes three phases: the first stage is used for sending a routing request; the second stage is used for establishing a routing link; the third phase is used for maintaining the route; the first stage comprises a Routing Request Function: a source user sends a routing request packet to a local domain server, and the local server determines a routing type according to an address of a destination node; if cross-domain routing is needed, the server sends a routing request to the intelligent contract; the second stage comprises Routing Offer Function: each intermediate node or destination node receiving the routing request packet may respond by sending a routing reply message to the source user; specifying a threshold value for response time T, if T > T, the intermediate node will be placed in a grey list; using an AR-DRL algorithm to select the optimal next hop for the routing process according to all intermediate response nodes; the third stage includes a Routing Accept Function: when all authorized miners reach the consistency of the routing strategy output by the AR-DRL algorithm, the server sends the data packet to the target node according to the routing strategy; wherein, the information in the grey list is used for informing other source users that the intermediate node is no longer reachable; after determining the routing policy, the irrelevant nodes in the grey list are released.
Further, in step three, the network status update includes:
(1) block chain structure
Adopting a block chain of alliances to construct a reliable management platform; the block chain is a chain structure connected by blocks and stores transaction information of the network, wherein each block comprises a block head and a block body.
Wherein the block header comprises version information, parent hash, difficulty of generating the block, timestamp of generating the block, and hash value of the Merkle tree; the block body comprises data and transaction information of all network nodes in the block creating and verifying process; wherein the transaction information includes routing information and network state information.
(2) Network status update
1) An operator wants to participate in a cross-domain routing process, firstly registers in an authentication center, and transfers part of tokens to a corresponding authentication center to be used as deposit; during registration, each operator provides own topology information TS and network state information NS; topology information TS ═ { G, H }, G representing a set of switches in an actual network; h denotes a physical link in an actual network; network state information, i.e. network performance, is represented by the following set:
NS={LU(…),C(…),D(…),B(…),T(…)};
wherein LU (…) represents link utilization for each link in the network, which represents the ratio of the amount of traffic allocated in the link to the link bandwidth; c (…) represents the bandwidth of the network link; d (…) represents network latency; b (…) represents link reachability, and T (…) represents link throughput; network performance needs to meet basic network QoS standards and packet loss rates, otherwise it would be considered an unreasonable network with no routing and forwarding capabilities;
2) before routing, each authorized miner can remotely authenticate the current network quality information provided by an operator according to the topology information and the network state information provided by the operator in the registration process; if the authentication result is: the current network information is not significantly different from the information at registration or remains within an acceptable error range, and all authorized miners agree on the authentication result, then the operator is trusted; otherwise, the operator is malicious; wherein the network information comprises topology information and network state information;
3) it is assumed that the topology information of the operator can be divided into two cases: the topology information is fixed and can be publicly verified; the topology information dynamically changes; the network status update procedure for both cases is as follows:
topology information is fixed and unchanged: an operator issues topology information TS, and each person can publicly verify the authenticity of the topology state information; according to step 2), if all authorized miners agree on the authentication result, the information provided by the operator is reliable; according to a PoA consensus mechanism, the verified topology information is stored in a block chain, and routing related information is transmitted to an intelligent contract through token transaction; wherein the routing related information comprises a source address and a destination address;
if the topology of the operator dynamically changes within a period of time, verifying the validity of the topology information offline in the authentication center, executing the step (2) to determine whether the operator provides real topology information for cross-domain routing, wherein the verified topology information is also stored in the block chain; repeating the offline verification if the topology is changed again;
4) if the information provided by an operator is real and the service quality is good, the operator will additionally obtain some tokens as reward or receive a part of refund deposit to promote its honesty; otherwise, the operator's deposit will increase, i.e., the operator will need to give an additional portion of tokens as a deposit.
Further, in step four, the cross-domain intelligent routing includes:
when a user in the local domain sends a new route request packet P to the local serverUser=(AddUserSou, Des), the local server first determines whether cross-domain routing is needed, i.e. determines the type of routing by the starting point and the end point of the data, if the starting point and the end point are in the same domain, cross-domain routing is not needed, and vice versa; at PUserIn (ad)UserIs the unique identity address of the user, Sou is the information of the source node, and Des is the information of the destination node; the local server sends a request of establishing a cross-domain route to a local block chain authorized miner, and establishes the cross-domain route; the process of the link automatic cross-domain routing is as follows:
(1) collecting, measuring, updating and storing network state information in a block chain; if a new route request is received, the local blockchain authorizes miners to send the route request data packet PUserAnd its identification address AddMinerSent to the intelligent contract address AddContrat(ii) a If the tape Add is detected in the smart contractMinerThe packet(s) of (1) indicates that the miners are authorized to successfully send out the Routing Request, and the Request triggers the Routing Request Function of the intelligent contract to complete the first stage;
(2) once a Routing request is sent out, the Routing Offer Function of the intelligent contract is automatically executed; this means that an intermediate or destination node capable of forwarding data will respond to the routing request and provide the relevant service within time T, assuming that the response time of these nodes is T, if T > T or the quality assessment of the node cannot meet the QoS requirements of the underlying network, the address of the node will be placed in a grey list; with the update of the network state information, the content of the grey list is continuously updated;
(3) realizing the second stage by adopting an AR-DRL algorithm in the Routing OfferFunction of the intelligent contract; in the process, an AR-DRL algorithm is used, and the optimal next hop is selected for the routing process according to the response condition of all intermediate nodes;
(4) according to the output of the AR-DRL algorithm in the step (3), if all authorized miners achieve consensus, the Routing Accept function of the intelligent contract is automatically executed to realize the third stage, and the algorithm achieving consensus outputs a Routing strategy P*(ωP*) And the link with higher service quality is more likely to become a next hop link when the local server executes a routing process according to the obtained routing strategy.
Further, in step (3), after the user sends a new routing request, the local server automatically selects different next hops through the smart contract according to the network state S, that is, the local server executes different actions a and obtains corresponding rewards R, and through continuous interaction, the local server obtains a series of states, the actions and rewards are as follows { S ═ S1,A1,R1,S2,A2,…,Si+1,Ai+1,Ri+1Is put into the replay buffer as a training set; extracting a certain amount of data from a playback buffer for trainingRefining the algorithm to converge; siRepresenting the state information of the network at time i.
A server responsible for managing the local domain acts as a proxy Agent; in the cross-domain routing scheme, the specific definitions of the State Set, the Action Set and the Reward are as follows:
and (3) state set: in the scheme, the vector S is used for the time delay, the link utilization rate, the node trust value, the topology information and the data flow request information of all links in the network at the moment kkIt is shown that,
wherein DkRepresenting the transmission delay of each pair of nodes at the time k; LU (LU)kThe utilization rate of each link in the network at the moment k is shown;
flow request information indicating time k; t isSk represents topology information of the network at time k, and the state set S is { S ═ S1,S2,...,SkS is also stored in the blockchain;
and (3) action set: the actions include two aspects: one is according to the routing state information
Selecting an optimal network as a switching network of a cross-domain route; secondly, according to the node state information
Finding the optimal next hop node, wherein Tr represents the trust value of each node, and the node state set is S ═ S'1,S′2,...,S′k}; motion vector AkRefers to an action performed at time k, i.e., the next hop network link corresponding to time k, action set a ═ a1,A2,...,Ak}; the path selected by the next hop of the route can be changed by changing the quality of the network link; the higher the quality of a network link, the higher the state action value Q obtained by using the link, and the link becomes the optimal next hop pathThe greater the likelihood of (c);
rewarding: the reward function represents an instant reward for performing a corresponding action in a certain state. The proper definition of the reward helps the Agent to take the best action strategy; in the model, the effective transmission means that the routing Agent finds the next hop meeting the QoS standard and successfully transmits the information; the reward is related to the transmission delay, the smaller the transmission delay, the higher the reward value, and vice versa; the goal is to obtain the minimum transmission delay with the maximum return; reward value R at time kkIs represented by Rk=1/DkWherein D iskRepresents the transmission delay of the link at time k;
further, in step (4), at the beginning of routing, each server initializes the parameters of the Actor network and Critic network, and initializes the playback buffer B; adding certain noise xi in the selected action, and initializing the noise xi; updating network state information and storing the network state information in a block chain; under the condition of cross-domain Routing, a local server firstly sends out a cross-domain Routing request and executes Routing offer function of an intelligent contract; in an Actor estimation network, based on state SiObtain action AiAnd by performing action AiObtain the corresponding reward RiAnd a new state Si+1The obtained information Data' is { S }1,A1,R1,S2,A2,…,SN,AN,RNIs stored in the playback buffer B; extracting L training samples from the playback buffer B, and updating all parameters omega of the Actor network by using a gradient descent methodPAnd all parameters ω of Critic networkQ(ii) a Updating all parameters omega of the Actor target networkP*And all parameters ω of Critic target networkQ*(ii) a Continuing iteration until the algorithm is converged or the maximum training times are reached; if the routing is intra-domain routing, continuing iteration according to the data stored in the block chain until the algorithm is converged; wherein the Actor network takes the state S, S' as its input, and outputs the mean and variance of the action a; the Critic network takes the state S, S 'as input and outputs an estimated state value Q of the S, S'; when the algorithm converges, the output pathPolicy P*(ωP*)。
Further, in step five, the statistical cost includes:
after agreement on the routing path, the relevant operator will perform synchronization and accounting according to the amount of network resources used in the routing across the network domains; the user must pay the relevant fee to the network service provider according to the data recorded in the blockchain; wherein the bill comprises: the total cost of the network resources used, assumed to be b1And the deposit cost generated during the operator registration, assumed to be b2So the bill is b1+b2。
Another objective of the present invention is to provide a heterogeneous converged network seamless trusted cross-domain routing system using the control method for the heterogeneous converged network seamless trusted cross-domain routing system, where the heterogeneous converged network seamless trusted cross-domain routing system includes the following entities:
(1) authorizing the miners AM: the authorized miners are used as pre-authentication nodes of the miner management block chain; authorized miners refer to verifiers with higher authority in the blockchain; a node that is capable and reliable, assuming that a normal authorized miner will not perform untrusted activities, but not fully trusted due to the possibility of failure or attack by an attacker;
(2) a alliance chain CB: the alliance chain mainly provides trust support for information sharing in cross-domain, and the verification efficiency of the alliance chain is higher than that of a public chain; all miners jointly form a alliance chain, a predetermined consensus mechanism is adopted to maintain the whole block chain system, and the generated block chain can be stored in each node in the network as required;
(3) an authentication center AC: each network domain is usually operated by an operator and has one or more authentication centers, which are responsible for registration of nodes in the network and distribution of cross-domain keys and anonymous trusted credentials; each authentication center maintains a local database for storing identity information, authorization information, charging information, key information and other data of network registration nodes;
(4) block chain storage server BSS: the block chain storage server is mainly responsible for storing relevant information used for sharing and transmission in the routing process, and information sharing is completed between each network node and the authentication center through a block chain; wherein the related information comprises routing information and topology information;
(5) network local server NLS: the network local server is mainly responsible for checking the routing type, namely cross-domain routing or intra-domain routing, managing the network in the local domain and cooperating with servers in other domains to promote the routing process;
(6) and (3) node: the system comprises user terminal equipment, a router, a switch, a network function server and a network edge node; the user terminal equipment comprises a mobile terminal, a computer terminal and an airplane;
(7) DRL model: a deep reinforcement learning model obtains an optimal routing strategy through continuous learning based on network state information.
By combining all the technical schemes, the invention has the advantages and positive effects that: the seamless credible cross-domain routing system of the heterogeneous fusion network provided by the invention realizes automatic cross-domain routing through an intelligent contract and a machine learning algorithm; the credibility of the routing node is improved through an excitation mechanism and a consensus mechanism; and according to the network state information provided by the operator in the registration process, the authenticity of the network state information in the routing process is remotely evaluated so as to resist the forgery and the collusion attack of the network operator.
The invention provides a seamless credible cross-domain routing scheme suitable for a heterogeneous converged network by applying a block chain technology. The main idea of the invention is as follows: 1) in order to ensure the credibility of cross-domain routing in the heterogeneous convergence network, a block chain technology is adopted to establish a universal credible platform so as to promote different network operators to realize the cross-domain routing together through cooperation; 2) in order to realize automatic cross-domain routing in a heterogeneous convergence network, the optimal routing strategy is calculated through an automatic routing algorithm based on deep reinforcement learning (AR-DRL); 3) in order to resist the routing attacks such as black hole attacks, selfish behaviors and the like, the invention adopts an excitation mechanism and a consensus mechanism to improve the reliability of routing nodes.
The invention adopts the block chain technology to establish a general trusted platform to realize the trusted cross-domain routing. The invention designs an automatic cross-domain routing algorithm suitable for the heterogeneous fusion network by utilizing the relevant characteristics of the intelligent contract and combining the machine learning technology. The invention ensures the authenticity and reliability of the routing information. On the premise of realizing cross-domain routing, the invention realizes the universality and expandability of the scheme. The invention ensures the high efficiency of routing. Meanwhile, the invention also comprises the following advantages:
(1) seamless trusted automatic cross-domain routing: the invention designs a safe and credible cross-domain routing system, and solves the problem of automatic cross-domain routing in an integrated heterogeneous convergence network. Firstly, the system establishes a distributed trusted platform based on the block chain of the alliance, and can effectively avoid the problem of single point failure of a central system. Secondly, the invention adopts intelligent contracts and combines a deep reinforcement learning algorithm to realize automatic cross-domain routing. In the heterogeneous converged network, operators realize seamless and reliable cross-domain routing by mutually cooperating and providing their topology information to authorized servers as routing references. Finally, the invention also uses the incentive mechanism to motivate the operator and the server to execute the credible behavior.
(2) Authenticity of information and reliability of routing: and each authorization server remotely verifies the authenticity of the topology state information in an off-line manner according to the network state information provided by the operator during registration. And after all the authorization servers achieve consensus, uploading the topological state information to the block chain for future route reference. For each node, the invention introduces a trust measurement mechanism to evaluate the historical behavior of the node and dynamically adjust the trust value of the node, thereby improving the reliability of the route and realizing the reliable transmission of an end-to-end data packet from a source node to a destination node.
(3) Universality: the invention utilizes the block chain to set up a bridge between different networks, and supports seamless credible routing crossing a plurality of network domains in a converged network with certain universality.
(4) And (3) expandability: the system supports joining and revocation of any legitimate user. When a new user joins, the user needs to register with the authentication center and obtain a unique identity. The system connects multiple networks operated by different operators together by providing reliable seamless routing capabilities to form a large-scale heterogeneous converged network.
(5) Efficiency: firstly, in the registration process, each authorization server calculates the information credibility on line according to the network state information provided by the operator during registration so as to ensure the authenticity of the topology information, thereby reducing the requirement on resources in the routing process. Secondly, the block chain can be directly inquired to obtain corresponding data in the routing process, so that the routing efficiency is effectively improved, and meanwhile, the reliability of the routing process is also ensured. Finally, the AR-DRL algorithm requires less sampled data than other algorithms, which also results in relatively high routing efficiency.
The current cross-domain routing schemes are few, and table 2 lists the existing schemes compared with the present scheme.
TABLE 2 comparative analysis of existing work with work herein
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments of the present invention will be briefly described below, and it is obvious that the drawings described below are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a control method of a seamless trusted cross-domain routing system of a heterogeneous converged network according to an embodiment of the present invention.
Fig. 2 is a model schematic diagram of a seamless trusted cross-domain routing system of a heterogeneous converged network according to an embodiment of the present invention.
Fig. 3 is a block chain architecture diagram according to an embodiment of the invention.
Fig. 4 is a schematic diagram of a specific process of automatic cross-domain routing according to an embodiment of the present invention.
FIG. 5 is a schematic diagram of a training model of the AR-DRL algorithm according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Aiming at the problems in the prior art, the invention provides a seamless credible cross-domain routing system of a heterogeneous converged network and a control method thereof, and the invention is described in detail below with reference to the accompanying drawings.
As shown in fig. 1, the control method for a seamless trusted cross-domain routing system of a heterogeneous converged network according to an embodiment of the present invention includes the following steps:
s101, determining a trust calculation and excitation mechanism;
s102, issuing an intelligent contract;
s103, updating the network state;
s104, constructing a cross-domain intelligent route;
and S105, counting the cost.
The technical solution of the present invention is further described below with the aid of abbreviations.
Abbreviations and key term definitions are shown in table 1.
Table 1 abbreviations
The technical solution of the present invention will be further described with reference to the following examples.
1. System model
The system model is shown in fig. 2, and mainly includes the following types of entities:
(1) authorized Miners (AM): authorized miners are pre-authenticated nodes that act as a miner management block chain. Authorized miners refer to verifiers with higher authority in the blockchain. The present invention assumes that normal authorized miners will not perform untrusted activities because they are considered to be capable and reliable nodes. However, they may fail or be attacked by an attacker and are therefore not fully trusted.
(2) Federation Chain (CB): the alliance chain mainly provides trust support for information sharing in cross-domain, and verification efficiency of the alliance chain is higher than that of a public chain. In this design, all miners collectively form a federation chain and employ a predetermined consensus mechanism to maintain the entire blockchain system. And the generated blockchains may be stored at various nodes in the network as needed.
(3) Authentication Center (AC): each network domain (typically operated by an operator) has one or more authentication centers that are responsible for registration of nodes in the network and distribution of keys and anonymous trusted credentials across the domain. Each authentication center maintains a local database for storing identity information, authorization information, billing information, key information, and other data of network registration nodes.
(4) Block chain Storage Server (BSS): the block chain storage server is mainly responsible for storing relevant information (such as routing information, topology information and the like) used for sharing and transmission in the routing process, and information sharing is completed between each network node and the authentication center through a block chain.
(5) Network Local Server (NLS): the network local server is primarily responsible for checking the type of route (cross-domain or intra-domain), managing the network within the local domain and cooperating with servers in other domains to facilitate the routing process.
(6) And (3) node: the system mainly comprises user terminal equipment (such as mobile terminals, computer terminals, airplanes and other equipment), a router, a switch, a network function server, a network edge node and the like.
(7) DRL model: a deep reinforcement learning model. The model obtains an optimal routing strategy through continuous learning based on network state information.
2. Threat model
In this system, the present invention assumes that the blockchain network is trusted, i.e. no attacker can control the blockchain network by controlling more than half of the server nodes; the invention assumes that normal miners will not make an untrusted action; the selfish node does not intentionally interrupt the routing, but discards the routing messages of other nodes, and meanwhile, the discarded resources are used for routing the message of the selfish node, and the malicious node can intentionally destroy the routing message; the present invention assumes that the nodes are selfish, but will make a rational decision to maximize their profit; the present invention assumes that CB, CC, BSS and NLS are secure and trusted, especially in their own network domain.
In particular, the following attacks may occur on each node:
black hole attack: and the malicious node refuses to participate in routing and data transmission tasks, and discards all received data packets which need to be forwarded. In the present invention, the present invention addresses the situation of collusion through incentive mechanisms based on token rewards and trust.
Gray hole attack: and the malicious node selectively forwards the received data packet to be forwarded and discards the rest data packets.
Collusion attack: multiple malicious nodes collude, providing incorrect routing information to optimize their profit.
Malicious attacks: malicious nodes intentionally provide false suggestions to other nodes. Such attacks can confuse the trust system and degrade its performance.
Denial of service attacks (DoS attacks): DoS attackers interfere with the normal communication of the network by continually sending incorrect or invalid routing information.
Replay attacks: malicious attackers intentionally share some outdated topology information with other nodes, resulting in routing information computation errors.
In the invention, each authorized miner (authorized server) can remotely authenticate the credibility of the topology information based on the network state information provided by the operator during registration so as to effectively resist black hole attacks. The present invention effectively resists collusion and malicious attacks using incentive mechanisms based on token rewards and trust metrics. The system utilizes technologies such as alliance chain, unique identifier and the like to effectively resist attacks such as replay, selfish behavior and the like and can isolate malicious nodes in time.
3. Design objective
The invention mainly aims to develop a safe, seamless, reliable, effective and extensible cross-domain routing scheme for a heterogeneous convergence network.
Therefore, the solution proposed by the present invention must meet the following objectives:
3.1 safety goals
(1) Safety: this solution must be resistant to the above-mentioned potential attacks when the communication subscriber sends a routing request and initiates the routing process. Meanwhile, the scheme must also ensure the safety of information transmission.
(2) Credibility: since heterogeneous converged networks require cooperation of multiple operators to complete cross-domain routing, trusted storage must be provided to ensure the reliability of the information used for the routing process.
3.2 Performance target
(1) Efficiency: the performance of the system should be comparable or better than current routing schemes.
(2) Seamless: the routing and forwarding of data in the heterogeneous converged network not only comprises selecting a proper next hop for a data packet, but also comprises realizing seamless integration of various networks in a network layer. Thus, the solution of the invention should be seamless.
3.3 general applicability
The solution proposed in the present invention should be applicable between different types of networks to satisfy the generality.
3.4 extensibility
The present invention should support the joining or revocation of nodes and users.
4. Preparation work
In this section, some basic techniques used in the present invention are described.
4.1 Smart contracts
The intelligent contracts can be stored in a distributed network in advance, and the predefined codes of the intelligent contracts can be automatically executed by blockchain miners, and the occurrence of blockchains provides a good development platform for the intelligent contracts. When a condition in the intelligent contract is satisfied, the system automatically triggers the contract to execute the corresponding default rule. The execution result of the intelligent contract updates the state of the ledger in the blockchain network, and once the updates are confirmed through a specific consensus mechanism, the updates cannot be tampered with any more, because the updated contents already achieve consensus in the blockchain network. The intelligent contract has three characteristics: autonomy, and dispersibility. The autonomy refers to that once the contract is triggered, the contract is automatically executed according to a preset program; self-sufficiency refers to a contract being able to obtain the required funds by providing a service or issuing an asset; decentralization means that contracts are maintained by all nodes of the entire network, rather than relying on a node.
In the present invention, the present invention uses intelligent contracts to facilitate the implementation of automatic routing in heterogeneous converged networks. In the present system, when a blockchain reaches a consensus, an application containing a set of intelligent contracts can be constructed and published. Once a transaction involving execution of the smart contract is confirmed after the smart contract is initialized in the blockchain network, the contract will generate an address to which any mineworker may send the transaction to execute the contract. Here, the routing request may trigger a contract to automatically perform a routing function, resulting in a routing policy.
4.2 deep reinforcement learning
Based on the network state information, the deep reinforcement learning model obtains the optimal routing strategy through continuous learning.
Reinforcement learning is a model for obtaining optimal strategies through the continuous interaction of agents with the Environment. In the model, an array Data ═ { S, a, R }, is defined, where S represents a set of states, i.e., observations of the environment states by the agent; a represents a set of actions, i.e. according to a policy function p (π)k) (k ═ 1, 2, …) the resulting behavior; r stands for a reward set, i.e. a smart agentFeedback on environmental impact after action a. State S of agent and environmentiInteraction according to a policy function p (π)i) Generating action AiThe environment returns the reward value to the agent, and the environment returns the state SiUpdated to a new state Si+1. The goal of the reinforcement learning model is to make the accumulated reward value R by learning an optimal strategy pisumMaximization of wherein
Gamma is a discount factor, N is the number of interactions, and gamma is greater than 0 and less than or equal to 1. Through continuous interaction, the intelligence can obtain a series of states, actions and rewards, which are as follows:
Data′={S1,A1,R1,S2,A2,…,SN,AN,RN}
reinforcement learning can learn an optimal control strategy through interaction with the environment and can solve the markov decision problem of low-dimensional data. However, for the markov decision problem of high dimensional data, as the state space and complexity increase, the conventional reinforcement learning algorithm (Q-learning) cannot obtain an optimal control strategy. Therefore, for the heterogeneous converged network mentioned in the present invention, the number of nodes and the action space are large, and the problem of explosion of the state space may occur by using the conventional reinforcement learning algorithm. The deep learning can well solve the abstract representation problem of high-dimensional data, and the combination of the reinforcement learning and the deep learning generates the Deep Reinforcement Learning (DRL), which combines the perception capability of the deep learning and the decision capability of the reinforcement learning and can realize the control of the high-dimensional data.
Traditional reinforcement learning is limited to a small motion space and sample space, and is generally applicable to discrete cases. Deep learning can cope with high dimensional input. By combining the two, the intelligent agent has the understanding capability of deep learning and the decision-making capability of reinforcement learning. The Deep Q Network (DQN) is the beginning of successful combination of the two, and it can handle high dimensional input, but it is unable to handle high dimensional action output. For a complex heterogeneous fusion network with a high-dimensional state space and a continuous action space, both traditional reinforcement learning and DQN cannot work. The deep reinforcement learning can solve the situation of a high-dimensional continuous motion space, and a deep deterministic strategy gradient (DDPG) algorithm is one of deep reinforcement learning algorithms and is a deterministic strategy algorithm combined with an Actor-Critic network. The algorithm strategy outputs an action and the algorithm requires relatively little data to sample, which makes the algorithm relatively efficient. Therefore, in the invention, the DDPG algorithm is adopted to solve the problem of complex cross-domain routing with high-dimensional continuous action space in the heterogeneous converged network.
The DDPG algorithm includes a policy network (Actor) for generating actions and a value network (criticc) for evaluating actions, the algorithm including the following four neural networks:
1) actor estimation network (behavior estimation network) P (S, ω)P): responsible for iteratively updating omegaPAnd selecting the current action A according to the current state S, and interacting with the environment to generate S' and R.
2) Actor target network (behavior target network) P*(S,ωP*): responsible for selecting the best next action a 'according to the next state S'. Network parameter ω P*Periodically copied from the ω P.
3) Critic estimation network Q (S, A, omega)Q): responsible for iteratively updating omegaQAnd calculating an estimated Q value Q (S, A, omega)Q)。
4) Critic target network (stateful target network) Q*(S,A,ωQ*): responsible for calculating Q in the target Q value*(S′,A′,ωQ*). Network parameter omegaQ*Periodically from ωQTo (3) copy.
The algorithm takes the information Data' generated by the interaction of the agent and the environment as input, and updates the Actor network and the criticic network. The goal of training the network is to bring the estimated values as close as possible to the target values to obtain an optimal strategy, and the loss function is defined as follows:
L(ωQ)=E(S,A,R,S′){[Y-Q(S,A,ωQ)]2}
J(ωP)=-EQ(S,A)
wherein Y is R + γ Q*(S′,P*(ωP*),ωQ*) Represents the state-action target value, Q (S, A, omega), of the Critic target networkQ) State-action estimates for the criticic target network are shown. For Critic networks, to make the estimated state-action value Q (S, A, ω)Q) Closer to the target state-action value Y, the invention adopts a gradient descent method to minimize the loss function L (omega)Q). For an Actor network, in order for an agent to take an action with a maximum state-action value, the present invention minimizes the loss function J (ω) using a gradient descent methodP). In other words, the present invention contemplates that the agent selects the action with the largest state-action value, and thus, the greater the expected value of the state-action value corresponding to an action, the greater the likelihood of taking that action, J (ω)P) The smaller.
4.3 consensus mechanism
The consensus mechanism is to enable all authorized miners to agree to determine the validity of the topology information and the routing information, so as to prevent the malicious nodes from being tampered. In a proof of authority (PoA) blockchain, a set of verifiers needs to be pre-selected in order to add a new block to the blockchain. The verifier may be selected based on its reputation in the network. The newly generated tile needs to be agreed upon and verified by a verifier before joining the tile chain. Compared with the proof of workload (PoW) and proof of rights (PoS) consensus mechanisms, the PoA consensus mechanism is mainly applicable to federation chains and it has lower requirements on computing power and resource consumption. Thus, the present invention uses the PoA consensus mechanism.
5. Seamless and reliable cross-domain routing protocol
In the invention, the invention provides a safe, seamless, reliable, effective and extensible block chain-based cross-domain routing scheme. In the scheme, a safe block chain integration architecture is designed firstly, and the cooperation among different networks is supported to support cross-domain routing. This architecture enables different operators in a heterogeneous converged network to cooperate with each other in a trusted manner. Secondly, a lightweight trust measurement method is provided to calculate the trust value of the node and establish a trust relationship between operators to support trusted routing. Then, in order to stimulate the cooperation of operators and resist the selfish behavior of the nodes, the invention adopts a stimulation mechanism based on token reward and trust measurement to stimulate the trust behavior of the blockchain miners and the routing nodes. And then, according to the network state information provided by the network operator in the registration process, remotely evaluating the authenticity of the network state information in the routing process so as to resist the counterfeiting and collusion attacks of the network operator. On the basis, a credible routing scheme based on a block chain and deep reinforcement learning is provided, and automatic cross-domain routing in a heterogeneous fusion network is realized. Finally, after agreement on the route, the operator performs synchronization and charging according to the amount of network resources used.
Next, the present invention first introduces a trust calculation method and an incentive mechanism for evaluating the trust value of a network node and for invoking it to do so. The invention then describes how to issue an intelligent contract for cross-domain routing, followed by introducing the process of network status updates. Finally, in order to realize seamless cross-domain routing, the invention designs an AR-DRL algorithm which is based on a block chain and a DDPG algorithm to obtain an optimal routing strategy.
5.1 Trust computation and incentive mechanism
In the routing process of the heterogeneous converged network, selfish behavior of the nodes may cause communication failure. Most users may be selfish and they may refuse to collaborate by worrying about their own energy and bandwidth consumption. Thus, each user should receive a satisfactory reward to compensate for the resources they consume in the collaboration. Incentive mechanisms based on token rewards and trust metrics may incentivize trust behavior of nodes in a heterogeneous converged network to facilitate cooperation among the nodes. First, each node in the network registers with the certificate authority, obtains a random unique ID and generates a unique address Add for itself. Then, each network authorizes the node with the highest internal trust degree as an authorized miner of the block chain according to the trust values of different nodes, and stores the trust values of all the nodes in the block chain. In order to improve the credibility and the collaboration of authorized miners, the invention introduces a threshold lambda to determine the credibility of any node in the network. If Tr (i, j) ≧ λ, the node is trusted. Otherwise, the node is malicious. Nodes that are evaluated as trusted are considered cooperative nodes and are eligible to obtain tokens (available for consumption) as rewards. Malicious nodes will be penalized to be added to the grey list. In order to strengthen punishment on malicious nodes and improve the public confidence of the nodes, the punishment on the nodes is set to be far greater than the reward. The incentive mechanism calculation process based on the trust value is as follows:
wherein g is1Is a reward factor, g2Is a penalty factor, g2>>g1. Since the heterogeneous converged network environment is constantly changing, a trusted node may become an untrusted node. Thus, this section proposes a dynamic trust evaluation mechanism:
a. direct trust
The direct trust refers to the direct evaluation of the trust value of the node j by the node i at the current moment, and the evaluation result is stored in the local database of the node. In the routing process, a data packet sent by a source node is transmitted to a neighbor node j through a node i, the node i monitors the forwarding condition of the node j when sending the data packet, and a direct trust value Tr from the node i to the node j is calculated according to the monitoring resultD(i, j) and storing the trust value calculation result in a node local database. The calculation of the direct trust value may be expressed as:
wherein, TrD k-1(i, j) represents the direct trust value of the node i to the node j according to the historical behavior of the node j, that is, the node i can query the trust value database of the node j to find the nodeHistorical trust data for j; srD(i,j)=λ1Pj+λ2NjRepresenting the credibility evaluation of the node j by the node i by using an intrusion detection system; pjAnd NjRespectively representing the positive and negative evaluation of the intrusion detection system on the current behavior of the user j, lambda1,λ2Set according to the condition of the intrusion detection system, and lambda1+λ2Is greater than 0. zr (i, j) represents the number of successful forwarding in the data packet received by node j from node i; fr (i, j) represents the number of drops in the data packet received by node j from node i; the parameter α represents a decay time factor that represents the degree of decay of the historical trust value over time and 0 < α < 1.
b. Recommending trust
And the node i initiates a calculation process of the recommended trust value to the neighbor node, and further evaluates the node j. The specific calculation process of the recommended trust value is as follows: the node i broadcasts and sends any value inquiry information to the neighbor nodes and initiates a calculation process of the recommended trust value; after receiving the query information, the neighbor node of the node i queries the local database record, if the database has a trust value related to the node j, a response message is sent, and the direct trust value calculation result of the node j is sent to the node i; if the trust value database of n (n is more than 2) nodes in the neighbor nodes of the node i has a direct trust value calculation result of the node j, for each recommender e, calculating a corresponding weight factor xie:
Wherein, TrD(i, e) represents the direct trust value calculation result of the node i to the node e, the higher the value of the direct trust value calculation result, the higher the credibility of the node e, and the corresponding weighting factor xieThe larger the recommendation opinion indicating the node e is, the larger the proportion of the recommendation opinion of the node e in the final recommendation trust value is. The recommended trust value calculation for a node may thus be expressed as:
c. integrated trust value
Calculating the comprehensive trust value of the node according to the direct trust value and the recommended trust value of the node as follows:
d. dynamic trust value
The behavior of the nodes in the heterogeneous convergence network changes along with the time, the previously calculated node trust value attenuates along with the time, and the trust state of the current node cannot be truly embodied. In order to ensure the dynamic and comprehensive calculation of the trust value of the node, the dynamic trust value Tr (i, j) of the node needs to be calculated:
Tr(i,j)=αθ1TrC old(i,j)+θ2TrCnew(i,j)
wherein, TrC old(i,j),TrC new(i, j) respectively represent the historical integrated trust value and the current integrated trust value of the node. Beta theta1,θ2Is a weighting factor, and because the current integrated confidence value has a better reference value than the historical integrated confidence value, θ1,θ2Satisfies the relation 0 < theta1<θ2<1,θ1+θ 21 is ═ 1; alpha is a decay factor representing the degree of decay of the historical confidence value over time and 0 < alpha < 1.
5.2 issuing Intelligent contracts
Each operator authorizes an AM as an administrator of the blockchain to achieve security and trustworthiness of the network. On the basis, the invention utilizes the intelligent contract to promote the automatic routing of the heterogeneous converged network. Therefore, the system model designed by the invention ensures the correctness of the execution of the intelligent contract function.
When an intelligent contract is created, an address is generated for the contract, and then each operator negotiates and sends the same number of tokens to the address to generate the intelligent contract. When all operators agree based on the POA agreement mechanism, the intelligent contract is issued. In the routing process, all routing requests are sent to the intelligent contract. Once a routing request is issued, the intelligent contract will automatically perform the routing process.
Intelligent contract-based automatic routing includes three phases: the first stage is used for sending a routing request; the second stage is used for establishing a routing link; the third phase is used to maintain the route. The first stage comprises a Routing Request Function: the source user sends a routing request packet to the local domain server, and the local server determines the routing type according to the address of the destination node. If cross-domain routing is needed, the server sends a routing request to the intelligent contract; the second stage comprises Routing Offer Function: each intermediate or destination node receiving the route request packet may respond by sending a route reply message to the source user. The invention specifies a threshold value for response time T, and if T > T, the intermediate nodes are placed in a grey list. In this process, the invention uses the AR-DRL algorithm (see details 5.5) to select the best next hop for the routing process according to all intermediate response nodes; the third stage includes a Routing Accept Function: when all authorized miners agree on the routing strategy output by the AR-DRL algorithm, the server sends the data packet to the target node according to the routing strategy. Note that the information in the grey list is used to inform other source users that the intermediate node is no longer reachable. After determining the routing policy, the irrelevant nodes in the grey list are released.
5.3 network status update
5.3.1 blockchain architecture
And considering the efficiency and reliability of the alliance blockchain and the heterogeneous convergence network subnet alliance, and adopting the alliance blockchain to construct a reliable management platform. The block chain is a chain structure connected by blocks and stores transaction information of the network, wherein each block comprises a block head and a block body.
In the present system, 1) the chunk header includes version information, parent hash, difficulty of generating the chunk, timestamp of generating the chunk, and hash value of the Merkle tree; 2) the block contains data of all network nodes in the block creation and verification processTraffic information (including routing information and network state information). The block chain structure is shown in FIG. 3, where Pi(i ═ 1, 2.., n) denotes transaction information.
5.3.2 network status update
Step 1: the operator wants to participate in the cross-domain routing process, and needs to register in the authentication center first and transfer part of the tokens to the corresponding authentication center as deposit to avoid selfish and collusion behaviors. At registration, each operator provides its own topology information TS and network state information NS. For convenience of description, topology information TS ═ { G, H }, where G denotes a set of switches in an actual network; h denotes a physical link in an actual network. In the present invention, the network state information (network performance) is represented by the following set:
NS={LU(…),C(…),D(…),B(…),T(…)}
wherein LU (…) represents link utilization for each link in the network, which represents the ratio of the amount of traffic allocated in the link to the link bandwidth; c (…) represents the bandwidth of the network link; d (…) represents network latency; b (…) represents link reachability, and T (…) represents link throughput. Network performance needs to meet basic network QoS standards and packet loss rates, otherwise a network that is considered unreasonable and has no routing and forwarding capabilities.
Step 2: the probability of each operator lying is different and therefore the trustworthiness and authenticity of the status and topology information needs to be determined. Before routing, each authorized miner can remotely authenticate the current network quality information provided by the operator according to the topology information and the network state information provided by the operator in the registration process. If the authentication result is: the current network information (topology information, network status information) does not differ significantly from the information at registration or remains within acceptable error limits and all authorized miners agree on the authentication result, which operator is trusted. Otherwise, the operator is malicious.
And step 3: it is assumed that the topology information of the operator can be divided into two cases: 1) the topology information is fixed and can be publicly verified; 2) the topology information changes dynamically. The network status update procedure for the above two cases is as follows:
1) the topological information is fixed and unchanged: the operator issues its topology information TS, and everyone can publicly verify the authenticity of its topology state information. If all authorized miners agree on the authentication result, according to step 2, it is indicated that the information provided by the operator is reliable. According to the PoA consensus mechanism, the verified topology information is stored in the blockchain, and the routing related information (source address and destination address) is transferred to the intelligent contract through token transaction.
2) If the topology of the operator changes dynamically within a period of time, the validity of the topology information needs to be verified offline at the authentication center, and then step 2 is performed to determine whether the operator provides real topology information for cross-domain routing, and the verified topology information is also stored in the block chain. If the topology changes again, the above offline verification needs to be repeated.
And 4, step 4: if the information provided by one operator is authentic and of good quality of service, that operator will additionally obtain some tokens as a reward or receive a portion of a refund deposit to promote his honesty. Otherwise, the operator's deposit will increase, i.e., the operator will need to give an additional portion of tokens as a deposit.
5.4 Cross-Domain Intelligent routing
When a user in the local domain sends a new route request packet P to the local serverUser=(AddUserSou, Des), the local server first determines whether cross-domain routing is required (i.e., the type of route is determined by the start and end points of the data, if they are in the same domain, cross-domain routing is not required, and vice versa). At PUserIn (ad)UserIs the unique identity address of the user, Sou is the information of the source node and Des is the information of the destination node. Then, in order to establish the cross-domain routing link, the local server issues a "establish cross-domain routing" request to the local blockchain authorized miner. As shown in fig. 4, the specific process of automatic cross-domain routing is as follows:
step 1: according to 5.1 and 5.3.2, network state information is collected, measured, updated and stored inBlock chains. If a new route request is received, the local block chain authorizes miners to send the route request data packet PUserAnd its identification address AddMinerTo the intelligent contract address AddContrat. If the tape Add is detected in the smart contractMinerThe packet(s) in (b) indicates that the miners are authorized to successfully issue the Routing Request, and the Request triggers the Routing Request Function of the intelligent contract (as shown in the first stage 5.2) to complete the first stage.
Step 2: once the Routing request is issued, the Routing Offer Function of the intelligent contract (as shown in the second phase 5.2) will be automatically executed. This means that an intermediate or destination node capable of forwarding data will respond to the routing request and provide the relevant service within time T, and assuming that the response time of these nodes is T, if T > T or the quality assessment of the node fails to meet the QoS requirements of the underlying network, the address of the node will be placed in a grey list. Moreover, as network status information is updated, the contents of the grey list are continuously updated.
And step 3: in order to realize the optimal Routing, the invention adopts AR-DRL algorithm to realize the second stage in the Routing Offer Function of the intelligent contract. In the process, the invention uses an AR-DRL algorithm to select the optimal next hop for the routing process according to the response condition of all intermediate nodes. The training model of the AR-DRL algorithm is shown in fig. 5.
In fig. 5, after the user sends a new routing request, the local server automatically selects different next hops through the smart contract according to the network status S, that is, the local server executes different actions a and obtains corresponding rewards R, and through continuous interaction, the local server obtains a series of statuses, such as Data { S ═ S1,A1,R1,S2,A2,…,Si+1,Ai+1,Ri+1}. They are placed as a training set into the replay buffer. To avoid data dependency, a certain amount of data is extracted from the playback buffer for training to converge the algorithm. SiRepresenting the state information of the network at time i. The method comprises the following steps: in an Actor estimation network, a local server acts asFront state SiPerforming action Ai(ii) a Secondly, the step of: critic estimation network from state SiAnd action Ai(ii) a ③: evaluating performing action AiThe effect of (a), namely: obtaining an estimated state action value Q (A)i) (ii) a Fourthly, the method comprises the following steps: obtaining an estimated state action value Q (A)i) And the target state action value Q (A) in the symbol is added to the symboli+1) Performing loss function operation; fifthly: in the execution of action AiThe local server then receives the corresponding reward RiAt this time, the state of the network will change to a new state Si+1(ii) a Sixthly, the method comprises the following steps: in the Actor target network, the local server is in the new state Si+1Down execution of New action Ai+1(ii) a Seventh, the method comprises the following steps: critic target network according to state Si+1And action Ai+1Evaluating performing action Ai+1The effect of (a), namely: obtaining a target state action value Q (A)i+1) (ii) a And (v): obtaining a target state action value Q*(Ai+1) Combined with Q (A) in (iv)i) Calculating a loss function L; ninthly: in order to make the estimated state motion value close to the target state motion value, it is necessary to minimize the loss function and update the correlation parameter ωQ(ii) a R: the local server must preferentially select the action corresponding to the maximum state action value Q as the next operation, i.e. the larger the state action value Q corresponding to a certain action, the more likely it is to take the action. Therefore, in order to find the action with the state action value Q being the maximum, the invention needs to minimize J. The iteration continues until the iteration terminates when the algorithm converges or the maximum training set is reached. When the algorithm converges, a series of actions corresponding to the maximum state action value Q in each hop is the optimal action policy, i.e. the optimal routing policy.
In this system, a server responsible for managing a local domain acts as an Agent (Agent). In the cross-domain routing scheme, the specific definitions of the State Set (State Set), the Action Set (Action Set) and the Reward (Reward) are as follows:
and (3) state set: in the scheme, the vector S is used for the time delay, the link utilization rate, the node trust value, the topology information and the data flow request information of all links in the network at the moment kkIt is shown that,
wherein DkRepresenting the transmission delay of each pair of nodes at the time k; LU (LU)kThe utilization rate of each link in the network at the moment k is shown;
flow request information indicating time k; TS (transport stream)kRepresenting topology information of the network at time k, the state set S ═ S1,S2,...,SkS are also stored in the blockchain.
And (3) action set: the actions include two aspects: one is according to the routing state information
Selecting an optimal network as a switching network of a cross-domain route; secondly, according to the node state information
Finding the optimal next hop node, wherein Tr represents the trust value of each node, and the node state set is S '═ S'1,S′2,...,S′k}. Motion vector AkRefers to an action performed at time k, i.e., the next hop network link corresponding to time k, action set a ═ a1,A2,...,Ak}. The path selected by the next hop of the route may be changed by changing the quality of the network link. The higher the quality of a network link, the higher the state action value Q obtained using the link, the higher the possibility that the link will become the optimal next hop path.
Rewarding: the reward function represents an instant reward for performing a corresponding action in a certain state. Proper definition of consideration helps agents take the best action strategy. In the model, effective transmission refers to that a routing Agent finds a next hop meeting QoS standards and successfully transmits information. Thus, the reward is related to the transmission delay, the smaller the transmission delay, the higher the reward value, and vice versa. In order to provide a high efficiency for the userThe goal of the routing service of (1) is to achieve the minimum transmission delay with the maximum return. Reward value R at time kkIs represented by Rk=1/DkWherein D iskRepresenting the transmission delay of the link at time k.
And 4, step 4: according to the output of the AR-DRL algorithm in step 3, if all authorized miners agree, the Routing Accept Function of the intelligent contract (as shown in the third stage 5.2) will automatically execute to implement the third stage. Consensus-achieved algorithm output (routing policy P)*(ωP*) Will be uploaded and stored in the blockchain. According to the obtained routing strategy, the local server executes the routing process, and the link with higher service quality is more likely to become the next hop link.
The pseudo code of the best next hop is found using the AR-DRL algorithm. At the start of routing, each server initializes the parameters of the Actor network and Critic network. In order to reduce the dependency of the data, a replay buffer is required, and thus, the replay buffer B (line 1) needs to be initialized. To increase the randomness of the learning process, it is necessary to add a certain noise ξ in the selected action and to initialize the noise ξ (line 3). The network state information is updated and stored in the blockchain (line 4). In the case of cross-domain routing, the local server first issues a cross-domain routing request and executes the routingOfferFunction of the intelligent contract (lines 5-10). Then, in the Actor estimation network, based on the state SiObtain action AiAnd by performing action AiTo obtain a corresponding reward RiAnd a new state Si+1Then, the obtained information Data' is { S }1,A1,R1,S2,A2,…,SN,AN,RNIs stored in the replay buffer B (lines 11-13). L training samples are extracted from the playback buffer B (line 14), and all parameters ω of the Actor network are updated by gradient descentPAnd all parameters omega of Critic networkQ(lines 15-17). Then all parameters omega of the Actor target network are updatedP*And all parameters ω of Critic target networkQ*(line 18). The iteration is continued until the algorithm converges or reachesThe iteration is completed by the maximum number of training passes (line 19). If intra-domain routing, it will continue to iterate through lines 11-19 based on the data stored in the blockchain until the algorithm converges (lines 25-28). In particular, the Actor network takes as its input the state S, S', and outputs the mean and variance of the action a. The criticic network takes the state S, S 'as input and outputs an estimated state value Q of S, S'. Finally, when the algorithm converges, the routing strategy P is output*(ωP*) (lines 29-31).
The AR-DRL algorithm is as follows:
6. statistical cost
In reality, no one is willing to participate in resource consumption work for a free. After agreement on the routing path, the relevant operator will perform synchronization and accounting according to the amount of network resources used in the cross-network domain routing process. The user must pay the associated fee to the network service provider based on the data recorded in the blockchain. The bill includes: the total cost of the network resources used (assumed to be b)1) And the deposit cost (assumed as b) generated during the operator registration2) So the bill is b1+b2。
The invention provides a block chain-based heterogeneous convergence network cross-domain routing trusted platform. Automatic cross-domain routing is achieved through intelligent contracts and machine learning algorithms. The credibility of the routing node is improved through an incentive mechanism and a consensus mechanism. And the authenticity of the network state information in the routing process is remotely evaluated according to the network state information provided by the operator in the registration process so as to resist the forgery and the collusion attack of the network operator.
The invention adopts the block chain technology to establish a general trusted platform to realize the trusted cross-domain routing. The invention designs an automatic cross-domain routing algorithm suitable for the heterogeneous fusion network by utilizing the relevant characteristics of the intelligent contract and combining the machine learning technology. The invention ensures the authenticity and reliability of the routing information. On the premise of realizing cross-domain routing, the invention realizes the universality and expandability of the scheme. The invention ensures the high efficiency of routing.
The invention has the advantages that:
1) seamless trusted automatic cross-domain routing: the invention designs a safe and credible cross-domain routing system, and solves the problem of automatic cross-domain routing in an integrated heterogeneous convergence network. Firstly, the system establishes a distributed trusted platform based on the block chain of the alliance, and can effectively avoid the problem of single point failure of a central system. Secondly, the invention adopts intelligent contracts and combines a deep reinforcement learning algorithm to realize automatic cross-domain routing. Thirdly, in the heterogeneous converged network, operators realize seamless and reliable cross-domain routing by cooperating with each other and providing their topology information to authorized servers as routing references. Finally, the invention also uses an incentive mechanism to encourage the operator and the server to execute credible behaviors.
2) Authenticity of information and reliability of routing: and each authorization server remotely verifies the authenticity of the topology state information on line according to the network state information provided by the operator during registration. And after all the authorization servers achieve consensus, uploading the topological state information to the block chain for future route reference. For each node, the invention introduces a trust measurement mechanism to evaluate the historical behavior of the node and dynamically adjust the trust value of the node, thereby improving the reliability of the route and realizing the reliable transmission of an end-to-end data packet from a source node to a destination node.
3) Universality: the invention utilizes the block chain to set up a bridge between different networks, and supports seamless credible routing crossing a plurality of network domains in a converged network with certain universality.
4) And (3) expandability: the system supports joining and revocation of any legitimate user. When a new user joins, the user needs to register with the authentication center and obtain a unique identity. The system connects multiple networks operated by different operators together by providing reliable seamless routing capability to form a large-scale heterogeneous converged network.
5) Efficiency: firstly, in the registration process, each authorization server calculates information credibility offline according to network state information provided by an operator during registration so as to ensure the authenticity of topology information, and thus, the requirement on resources in the routing process is reduced. Secondly, the block chain can be directly inquired to obtain corresponding data in the routing process, so that the routing efficiency is effectively improved, and meanwhile, the reliability of the routing process is also ensured. Finally, the AR-DRL algorithm requires less sampled data than other algorithms, which also results in relatively high routing efficiency.
The current cross-domain routing schemes are few, and table 2 lists the existing schemes compared with the present scheme.
TABLE 2 comparative analysis of existing work with work herein
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When used in whole or in part, can be implemented in a computer program product that includes one or more computer instructions. When loaded or executed on a computer, cause the flow or functions according to embodiments of the invention to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website site, computer, server, or data center to another website site, computer, server, or data center by wire (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL), or wireless (e.g., infrared, wireless, microwave, etc.)). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that includes one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
The above description is only for the purpose of illustrating the present invention and the appended claims are not to be construed as limiting the scope of the invention, which is intended to cover all modifications, equivalents and improvements that are within the spirit and scope of the invention as defined by the appended claims.
Claims (10)
1. A control method of a seamless credible cross-domain routing system of a heterogeneous converged network is characterized in that the control method of the seamless credible cross-domain routing system of the heterogeneous converged network comprises the following steps: evaluating the trust value of the network node and stimulating the honest behavior of the network node through a trust calculation method and an incentive mechanism; issuing an intelligent contract for cross-domain routing and determining a network state updating process; and designing an AR-DRL algorithm which is based on the block chain and the DDPG algorithm to obtain an optimal routing strategy and realize seamless cross-domain routing.
2. The method for controlling the seamless trusted cross-domain routing system for the heterogeneous converged network according to claim 1, wherein the method for controlling the seamless trusted cross-domain routing system for the heterogeneous converged network comprises the steps of:
step one, determining a trust calculation and excitation mechanism;
step two, issuing an intelligent contract;
step three, updating the network state;
step four, constructing a cross-domain intelligent route;
and step five, counting the cost.
3. The method for controlling a seamless trusted cross-domain routing system for a heterogeneous converged network according to claim 2, wherein in step one, the trust calculation and incentive mechanism comprises:
(1) each node in the network registers to a certificate center, obtains a random unique ID and generates a unique address Add for the node; each network authorizes the node with the highest internal trust degree as an authorized miner of the block chain according to the trust values of different nodes, and stores the trust values of all the nodes in the block chain; a threshold lambda is introduced to determine the trust level of any node in the network, and if Tr (i, j) is more than or equal to lambda, the node is trusted; otherwise, the node is malicious; nodes that are assessed as trustworthy are considered cooperative nodes and are eligible for tokens available for consumption as rewards; adding the malicious nodes into a grey list to be punished, and setting punishment on the nodes to be far greater than reward; wherein the trust value-based incentive mechanism is calculated as follows:
wherein, g1Is a reward factor, g2Is a penalty factor, g2>>g1;
(2) Determination of dynamic trust evaluation mechanism:
1) direct trust
The direct trust refers to the direct evaluation of the trust value of the node j by the node i at the current moment, and the evaluation result is stored in the local database of the node; in the routing process, a data packet sent by a source node is transmitted to a neighbor node j through a node i, the node i monitors the forwarding condition of the node j when sending the data packet, and a direct trust value Tr from the node i to the node j is calculated according to the monitoring resultD(i, j) and storing the trust value calculation result in a node local database; wherein the calculation of the direct trust value may be represented as:
wherein, TrD k-1(i, j) represents the direct trust value of the node i to the node j according to the historical behavior of the node j, that is, the node i can query the trust value database of the node j to find the historical trust data of the node j; srD(i,j)=λ1Pj+λ2NjRepresenting the credibility evaluation of the node j by the node i by using an intrusion detection system; pjAnd NjRespectively representing the positive and negative evaluation of the intrusion detection system on the current behavior of the user j, lambda1,λ2Set according to the condition of the intrusion detection system, and lambda1+λ2Is greater than 0; zr (i, j) represents the number of successful forwardings in the data packet received by node j from node i; fr (i, j) represents the number of drops in the data packet received by node j from node i; the parameter alpha represents a decay time factor which represents the decay degree of the historical trust value along with time, and alpha is more than 0 and less than 1;
2) recommending trust
The node i initiates a calculation process of the recommended trust value to the neighbor node, and further evaluates the node j; the specific calculation process of the recommended trust value is as follows:
the node i broadcasts and sends any value inquiry information to the neighbor nodes and initiates a calculation process of the recommended trust value; after receiving the query information, the neighbor node of the node i queries the local database record, if the database has a trust value about the node j, a response message is sent, and the direct trust value calculation result of the node j is sent to the node i; if the trust value database of n (n is more than 2) nodes in the neighbor nodes of the node i has a direct trust value calculation result of the node j, for each recommender e, calculating a corresponding weight factor xie:
Wherein, TrD(i, e) represents the direct trust value calculation result of the node i to the node e, the higher the value of the direct trust value calculation result, the higher the credibility of the node e, and the corresponding weighting factor xieThe larger the recommendation, the node e isThe larger the proportion of the final recommended trust value is, the calculation of the recommended trust value of the node can be expressed as:
3) integrated trust value
Calculating the comprehensive trust value of the node according to the direct trust value and the recommended trust value of the node as follows:
4) dynamic trust value
Computing the dynamic trust value Tr (i, j) of the node:
Tr(i,j)=αθ1TrC old(i,j)+θ2TrC new(i,j);
wherein, TrC old(i,j),TrC new(i, j) respectively representing a historical integrated trust value and a current integrated trust value of the node; beta theta1,θ2Is a weighting factor, and because the current integrated confidence value has a better reference value than the historical integrated confidence value, theta1,θ2Satisfies the relation 0 < theta1<θ2<1,θ1+θ21 is ═ 1; alpha is a decay factor representing the degree of decay of the historical confidence value over time and 0 < alpha < 1.
4. The method for controlling the seamless trusted cross-domain routing system in the heterogeneous converged network according to claim 2, wherein in the second step, the issuing of the intelligent contract comprises:
facilitating automatic routing of a heterogeneous converged network using intelligent contracts: when an intelligent contract is created, firstly generating an address for the contract, each operator negotiates and sends tokens with the same quantity to the address to generate the intelligent contract; when all operators reach consensus based on the POA consensus mechanism, the intelligent contract is issued; in the routing process, all routing requests are sent to the intelligent contract; once a routing request is sent out, the intelligent contract automatically executes a routing process;
intelligent contract-based automatic routing includes three phases: the first stage is used for sending a routing request; the second stage is used for establishing a routing link; the third phase is used for maintaining the route; the first stage comprises a Routing Request Function: a source user sends a routing request packet to a local domain server, and the local server determines a routing type according to an address of a destination node; if cross-domain routing is needed, the server sends a routing request to the intelligent contract; the second stage comprises Routing Offer Function: each intermediate node or destination node receiving the routing request packet may respond by sending a routing reply message to the source user; specifying a threshold value for response time T, if T > T, the intermediate node will be placed in a grey list; using an AR-DRL algorithm to select the optimal next hop for the routing process according to all intermediate response nodes; the third stage includes a Routing Accept Function: when all authorized miners reach the agreement on the routing strategy output by the AR-DRL algorithm, the server sends the data packet to the target node according to the routing strategy; the information in the grey list is used for informing other source users that some intermediate nodes are no longer reachable; after determining the routing policy, the irrelevant nodes in the grey list will be released.
5. The method for controlling a seamless trusted cross-domain routing system for a heterogeneous converged network according to claim 2, wherein in step three, the network status update comprises:
(1) block chain structure
Adopting a block chain of alliances to construct a reliable management platform; the block chain is a chain structure connected by blocks and stores transaction information of a network, wherein each block comprises a block head and a block body;
wherein the block header comprises version information, parent hash, difficulty of generating the block, timestamp of generating the block, and hash value of the Merkle tree; the block body comprises data and transaction information of all network nodes in the block creating and verifying process; wherein the transaction information comprises routing information and network state information;
(2) network status update
1) An operator wants to participate in a cross-domain routing process, firstly registers in an authentication center, and transfers part of tokens to a corresponding authentication center to be used as deposit; during registration, each operator provides own topology information TS and network state information NS; topology information TS ═ { G, H }, G representing a set of switches in an actual network; h denotes a physical link in an actual network; network state information, i.e. network performance, is represented by the following set:
NS={LU(…),C(…),D(…),B(…),T(…)};
wherein LU (…) represents link utilization for each link in the network, which represents the ratio of the amount of traffic allocated in the link to the link bandwidth; c (…) represents the bandwidth of the network link; d (…) represents network latency; b (…) represents link reachability, and T (…) represents link throughput; network performance needs to meet basic network QoS standards and packet loss rates, otherwise it would be considered an unreasonable network with no routing and forwarding capabilities;
2) before routing, each authorized miner can remotely authenticate the current network quality information provided by an operator according to the topology information and the network state information provided by the operator in the registration process; if the authentication result is: the current network information is not significantly different from the information at the time of registration or is kept within an acceptable error range, and all authorized miners agree on the authentication result, so that the operator is credible; otherwise, the operator is malicious; wherein the network information comprises topology information and network state information;
3) it is assumed that the topology information of the operator can be divided into two cases: the topology information is fixed and can be publicly verified; the topology information changes dynamically. The network status update procedure for both cases is as follows:
topology information is fixed and unchanged: an operator issues topology information TS, and everyone can publicly verify the authenticity of the topology state information; according to step 2), if all authorized miners agree on the authentication result, the information provided by the operator is reliable; according to a PoA consensus mechanism, the verified topology information is stored in a block chain, and routing related information is transmitted to an intelligent contract through token transaction; wherein the routing related information comprises a source address and a destination address;
if the topology of the operator dynamically changes within a period of time, verifying the validity of the topology information offline in the authentication center, executing the step (2) to determine whether the operator provides real topology information for cross-domain routing, wherein the verified topology information is stored in a block chain; repeating the offline verification if the topology is changed again;
4) if the information provided by an operator is real and the service quality is good, the operator will additionally obtain some tokens as reward or receive a part of refund deposit to promote its honesty; otherwise, the operator's deposit will increase, i.e., the operator will need to give an additional portion of tokens as a deposit.
6. The method for controlling a seamless trusted cross-domain routing system for a heterogeneous converged network of claim 2, wherein in step four, the cross-domain intelligent routing comprises:
when a user in the local domain sends a new route request packet P to the local serverUser=(AddUserSou, Des), the local server first determines whether cross-domain routing is required, i.e. determines the type of routing by the start point and end point of the data, if the start point and end point are in the same domain, cross-domain routing is not required, and vice versa; at PUserIn (ad)UserIs the unique identity address of the user, Sou is the information of the source node, and Des is the information of the destination node; the local server sends a request of establishing a cross-domain route to a local block chain authorized miner, and establishes the cross-domain route; the process of the link automatic cross-domain routing is as follows:
(1) collecting, measuring, updating and storing network state information in a block chain; if a new route request is received, the local block chain authorizes miners to send the route request data packet PUserAnd its identification address AddMinerSent to the intelligent contract address AddContrat(ii) a If the tape Add is detected in the smart contractMinerThe packet(s) of (1) indicates that the authorized miners successfully send out the Routing Request, and the Request triggers the Routing Request Function of the intelligent contract to complete the first stage;
(2) once a Routing request is sent out, the Routing Offer Function of the intelligent contract is automatically executed; this means that an intermediate or destination node capable of forwarding data will respond to the routing request and provide the relevant service within time T, assuming that the response time of these nodes is T, if T > T or the quality assessment of the node cannot meet the QoS requirements of the underlying network, the address of the node will be placed in a grey list; with the update of the network state information, the content of the grey list is continuously updated;
(3) realizing the second stage by adopting an AR-DRL algorithm in the Routing Offer Function of the intelligent contract; in the process, an AR-DRL algorithm is used, and the optimal next hop is selected for the routing process according to the response condition of all intermediate nodes;
(4) according to the output of the AR-DRL algorithm in the step (3), if all authorized miners achieve consensus, the Routing Accept Function of the intelligent contract is automatically executed to realize the third stage, and the algorithm achieving consensus outputs a Routing strategy
The link with higher service quality is more likely to become a next hop link when the local server executes a routing process according to the obtained routing strategy.
7. The method as claimed in claim 6, wherein in step (3), after the user sends a new routing request, the local server automatically selects different next hops according to the network status S through a cross-domain routing algorithm, that is, the local server performs different actions A and obtains corresponding rewards R, and after continuous interaction, the local server obtains a series of statuses, actions and rewardsData as follows ═ S1,A1,R1,S2,A2,…,Si+1,Ai+1,Ri+1Is put into the replay buffer as a training set; extracting a certain amount of data from the playback buffer area to train so that the algorithm converges; siIndicating the state information of the network at the time i;
a server responsible for managing the local domain acts as a proxy Agent; in the cross-domain routing scheme, the specific definitions of the State Set, the Action Set and the Reward are as follows:
and (3) state set: in the scheme, the vector S is used for the time delay, the link utilization rate, the node trust value, the topology information and the data flow request information of all links in the network at the moment kkIt is shown that,
wherein DkRepresenting the transmission delay of each pair of nodes at the time k; LU (LU)kThe utilization rate of each link in the network at the moment k is shown;
flow request information indicating time k; TS (transport stream)kRepresenting topology information of the network at time k, the state set S ═ S1,S2,...,SkS is also stored in the blockchain;
and (3) action set: the actions include two aspects: one is according to the routing state information
Selecting an optimal network as a switching network of a cross-domain route; secondly, according to the node state information
Finding the optimal next hop node, wherein Tr represents the trust value of each node, and the node state set is S ═ S'1,S′2,...,S′k}; motion vector AkRefers to an action performed at time k, i.e. corresponding at time kNext hop network link of (a), action set a ═ a1,A2,...,Ak}; the path selected by the next hop of the route can be changed by changing the quality of the network link; the higher the quality of a network link is, the higher the state action value Q obtained by using the link is, the higher the possibility that the link becomes the optimal next hop path is;
rewarding: the reward function represents an instant reward for executing a corresponding action in a certain state; the proper definition of the reward helps the Agent to take the best action strategy; in the model, the effective transmission means that the routing Agent finds the next hop meeting the QoS standard and successfully transmits the information; the reward is related to the transmission delay, the smaller the transmission delay, the higher the reward value, and vice versa; the goal is to obtain the minimum transmission delay with the maximum return; reward value R at time kkIs represented by Rk=1/DkWherein D iskRepresenting the transmission delay of the link at time k.
8. The method for controlling a seamless trusted cross-domain routing system for heterogeneous converged networks according to claim 6, wherein in step (4), at the start of routing, each server initializes parameters of an Actor network and a Critic network and initializes a replay buffer B; adding certain noise xi in the selected action, and initializing the noise xi; updating and storing network state information in a blockchain; under the condition of cross-domain Routing, a local server firstly sends out a cross-domain Routing request and executes a Routing Offer Function of an intelligent contract; in an Actor estimation network, based on state SiObtain action AiAnd by performing action AiTo obtain a corresponding reward RiAnd a new state Si+1The obtained information Data' is { S }1,A1,R1,S2,A2,…,SN,AN,RNIs stored in the playback buffer B; extracting L training samples from the playback buffer B, and updating all parameters omega of the Actor network by using a gradient descent methodPAnd all parameters ω of Critic networkQ(ii) a Updating all parameters of the Actor target network
And all parameters of Critic target network
Continuing iteration until the algorithm converges or the maximum training times are reached; if the routing is intra-domain routing, continuing iteration according to the data stored in the block chain until the algorithm converges; wherein the Actor network takes the state S, S' as its input, and outputs the mean and variance of the action a; the Critic network takes the state S, S 'as input and outputs an estimated state value Q of the S, S'; when the algorithm converges, the routing strategy is output
9. The method for controlling a seamless trusted cross-domain routing system for a heterogeneous converged network according to claim 2, wherein in the step five, the step of counting the cost includes:
after agreement on the routing path, the relevant operator will perform synchronization and accounting according to the amount of network resources used in the routing across the network domains; the user must pay the relevant fee to the network service provider according to the data recorded in the blockchain; wherein the bill comprises: the total cost of the network resources used, assumed to be b1And the deposit cost generated during the operator registration, assumed to be b2So the bill is b1+b2。
10. A heterogeneous converged-network seamless trusted cross-domain routing system for executing the control method of the heterogeneous converged-network seamless trusted cross-domain routing system according to any one of claims 1 to 9, wherein the heterogeneous converged-network seamless trusted cross-domain routing system comprises the following entities:
(1) authorizing the miners AM: the authorized miners are used as pre-authentication nodes of the miner management block chain; authorized miners refer to verifiers with higher authority in the blockchain; a node that is capable and reliable, assuming that a normal authorized miner will not perform untrusted activities, but not fully trusted due to the possibility of failure or attack by an attacker;
(2) a alliance chain CB: the alliance chain mainly provides trust support for information sharing in cross-domain, and the verification efficiency of the alliance chain is higher than that of a public chain; all miners jointly form a alliance chain, a predetermined consensus mechanism is adopted to maintain the whole block chain system, and the generated block chain can be stored in each node in the network as required;
(3) an authentication center AC: each network domain is usually operated by an operator and has one or more authentication centers, which are responsible for registration of nodes in the network and distribution of cross-domain keys and anonymous trusted credentials; each authentication center maintains a local database for storing identity information, authorization information, charging information, key information and other data of network registration nodes;
(4) block chain storage server BSS: the block chain storage server is mainly responsible for storing relevant information used for sharing and transmission in the routing process, and information sharing is completed between each network node and the authentication center through a block chain; wherein the related information comprises routing information and topology information;
(5) network local server NLS: the network local server is mainly responsible for checking the routing type, namely cross-domain routing or intra-domain routing, managing the network in the local domain and cooperating with servers in other domains to promote the routing process;
(6) and (3) node: the system comprises user terminal equipment, a router, a switch, a network function server and a network edge node; the user terminal equipment comprises a mobile terminal, a computer terminal and an airplane;
(7) DRL model: a deep reinforcement learning model obtains an optimal routing strategy through continuous learning based on network state information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110530588.1A CN113660668B (en) | 2021-05-15 | 2021-05-15 | Seamless trusted cross-domain routing system of heterogeneous converged network and control method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110530588.1A CN113660668B (en) | 2021-05-15 | 2021-05-15 | Seamless trusted cross-domain routing system of heterogeneous converged network and control method thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113660668A true CN113660668A (en) | 2021-11-16 |
| CN113660668B CN113660668B (en) | 2023-12-19 |
Family
ID=78476905
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110530588.1A Active CN113660668B (en) | 2021-05-15 | 2021-05-15 | Seamless trusted cross-domain routing system of heterogeneous converged network and control method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113660668B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114374638A (en) * | 2022-01-10 | 2022-04-19 | 之江实验室 | Collaborative routing method and device for cross-domain system |
| CN114827931A (en) * | 2022-04-12 | 2022-07-29 | 电子科技大学 | WSN energy efficiency optimization routing method based on multi-agent reinforcement learning |
| CN114826929A (en) * | 2022-03-08 | 2022-07-29 | 中山大学 | Centerless random gradient descent method based on multi-entity machine environment |
| CN115834371A (en) * | 2022-11-21 | 2023-03-21 | 北京理工大学 | Space-ground converged network cross-domain SFC deployment method based on hybrid state synchronous DRL |
| CN115834361A (en) * | 2023-02-16 | 2023-03-21 | 广州钛动科技股份有限公司 | High-availability multi-load VPN data processing method, system, device and medium |
| CN116137609A (en) * | 2023-02-27 | 2023-05-19 | 西安电子科技大学 | Hierarchical routing method for intention-driven cross-domain data link network |
| CN117221335A (en) * | 2023-11-08 | 2023-12-12 | 西安电子科技大学 | Wireless blockchain network slicing method and device, electronic equipment and storage medium |
| CN117914768A (en) * | 2024-03-19 | 2024-04-19 | 中国科学院空天信息创新研究院 | Service access path construction system for pass-through node |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104080140A (en) * | 2013-03-29 | 2014-10-01 | 南京邮电大学 | Cooperative communication method based on trust evaluation for mobile ad hoc network |
| CN107645445A (en) * | 2017-09-15 | 2018-01-30 | 安徽大学 | A kind of SDN cross-domain communication method based on dummy node technology |
| CN110120936A (en) * | 2019-02-23 | 2019-08-13 | 西安电子科技大学 | Distributed network attack detecting and security measurement system and method based on block chain |
| CN110995718A (en) * | 2019-12-09 | 2020-04-10 | 广东电网有限责任公司 | Power terminal cross-domain authentication mechanism based on block chain |
| US20200394183A1 (en) * | 2019-06-12 | 2020-12-17 | Subramanya R. Jois | System and method of executing, confirming and storing a transaction in a serverless decentralized node network |
-
2021
- 2021-05-15 CN CN202110530588.1A patent/CN113660668B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104080140A (en) * | 2013-03-29 | 2014-10-01 | 南京邮电大学 | Cooperative communication method based on trust evaluation for mobile ad hoc network |
| CN107645445A (en) * | 2017-09-15 | 2018-01-30 | 安徽大学 | A kind of SDN cross-domain communication method based on dummy node technology |
| CN110120936A (en) * | 2019-02-23 | 2019-08-13 | 西安电子科技大学 | Distributed network attack detecting and security measurement system and method based on block chain |
| US20200394183A1 (en) * | 2019-06-12 | 2020-12-17 | Subramanya R. Jois | System and method of executing, confirming and storing a transaction in a serverless decentralized node network |
| CN110995718A (en) * | 2019-12-09 | 2020-04-10 | 广东电网有限责任公司 | Power terminal cross-domain authentication mechanism based on block chain |
Non-Patent Citations (2)
| Title |
|---|
| CUNQIAN YU: "Virtual 5G network embedding in a heterogeneous and multi-domain network infrastructure", CHINA COMMUNICATIONS * |
| 吕广喆: "机载分布式异构网络通信中间件研究", 航空计算技术 * |
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114374638A (en) * | 2022-01-10 | 2022-04-19 | 之江实验室 | Collaborative routing method and device for cross-domain system |
| CN114374638B (en) * | 2022-01-10 | 2024-02-27 | 之江实验室 | Collaborative routing method and device of cross-domain system |
| CN114826929B (en) * | 2022-03-08 | 2023-06-16 | 中山大学 | Centreless random gradient descent method based on multi-entity machine environment |
| CN114826929A (en) * | 2022-03-08 | 2022-07-29 | 中山大学 | Centerless random gradient descent method based on multi-entity machine environment |
| CN114827931A (en) * | 2022-04-12 | 2022-07-29 | 电子科技大学 | WSN energy efficiency optimization routing method based on multi-agent reinforcement learning |
| CN114827931B (en) * | 2022-04-12 | 2023-03-10 | 电子科技大学 | WSN energy efficiency optimization routing method based on multi-agent reinforcement learning |
| CN115834371A (en) * | 2022-11-21 | 2023-03-21 | 北京理工大学 | Space-ground converged network cross-domain SFC deployment method based on hybrid state synchronous DRL |
| CN115834371B (en) * | 2022-11-21 | 2024-05-03 | 北京理工大学 | Cross-domain SFC deployment method of space-earth fusion network based on hybrid state synchronous DRL |
| CN115834361B (en) * | 2023-02-16 | 2023-05-02 | 广州钛动科技股份有限公司 | High-availability multi-load VPN data processing method, system, equipment and medium |
| CN115834361A (en) * | 2023-02-16 | 2023-03-21 | 广州钛动科技股份有限公司 | High-availability multi-load VPN data processing method, system, device and medium |
| CN116137609A (en) * | 2023-02-27 | 2023-05-19 | 西安电子科技大学 | Hierarchical routing method for intention-driven cross-domain data link network |
| CN116137609B (en) * | 2023-02-27 | 2024-04-16 | 西安电子科技大学 | Hierarchical routing method for intention-driven cross-domain data link network |
| CN117221335A (en) * | 2023-11-08 | 2023-12-12 | 西安电子科技大学 | Wireless blockchain network slicing method and device, electronic equipment and storage medium |
| CN117221335B (en) * | 2023-11-08 | 2024-03-19 | 西安电子科技大学 | Wireless blockchain network slicing method and device, electronic equipment and storage medium |
| CN117914768A (en) * | 2024-03-19 | 2024-04-19 | 中国科学院空天信息创新研究院 | Service access path construction system for pass-through node |
| CN117914768B (en) * | 2024-03-19 | 2024-05-17 | 中国科学院空天信息创新研究院 | Service access path construction system for pass-through node |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113660668B (en) | 2023-12-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113660668B (en) | Seamless trusted cross-domain routing system of heterogeneous converged network and control method thereof | |
| Stojmenovic et al. | An overview of fog computing and its security issues | |
| Sun et al. | A trust evaluation framework in distributed networks: Vulnerability analysis and defense against attacks | |
| Saied et al. | Trust management system design for the Internet of Things: A context-aware and multi-service approach | |
| Saad et al. | RouteChain: Towards blockchain-based secure and efficient BGP routing | |
| Zhang et al. | TPPR: A trust-based and privacy-preserving platoon recommendation scheme in VANET | |
| Mershad et al. | Proof of accumulated trust: A new consensus protocol for the security of the IoV | |
| Revanesh et al. | A trusted distributed routing scheme for wireless sensor networks using blockchain and meta‐heuristics‐based deep learning technique | |
| Castiglione et al. | A botnet-based command and control approach relying on swarm intelligence | |
| Ourouss et al. | Defending against smart grayhole attack within MANETs: A reputation-based ant colony optimization approach for secure route discovery in DSR protocol | |
| Siddiqui et al. | A survey on the recent efforts of the Internet Standardization Body for securing inter-domain routing | |
| Subbaraj et al. | EigenTrust-based non-cooperative game model assisting ACO look-ahead secure routing against selfishness | |
| Manocha et al. | Improved spider monkey optimization‐based multi‐objective software‐defined networking routing with block chain technology for Internet of Things security | |
| Shao et al. | Data Trusted Sharing Delivery: A Blockchain-Assisted Software-Defined Content Delivery Network | |
| Li et al. | Design and verification of secure communication scheme for industrial IoT intelligent production line system with multi-path redundancy and collaboration | |
| Saravanan et al. | Trust aware ad hoc routing protocol with key management based mechanism and optimal energy‐efficient cluster head selection in mobile ad hoc networks | |
| US20220182243A1 (en) | Method and Apparatus for Distributed Ledger | |
| Liu et al. | Blockchain based trust management in vehicular networks | |
| Ramani et al. | Rapid establishment of transient trust for ndn-based vehicular networks | |
| Zhai et al. | BPKI: A secure and scalable blockchain-based public key infrastructure system for web services | |
| Magaia et al. | Security in delay-tolerant mobile cyber physical applications | |
| Pérez et al. | Building a reputation-based bootstrapping mechanism for newcomers in collaborative alert systems | |
| Jeet et al. | A survey on interest packet flooding attacks and its countermeasures in named data networking | |
| Bai et al. | Blockchain-based Authentication and Proof-of-Reputation Mechanism for Trust Data Sharing in Internet of Vehicles. | |
| Wang et al. | The energy-efficient group key management protocol for strategic mobile scenario of MANETs |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |